With macOS 13 Ventura heading into public beta and the latest MacBook Air and MacBook Pro models making their way to market, it’s time to decide whether your business IT is ready for an upgrade. We asked Pre-Sales Consultant Liam Donnelly to talk us through the key points of Apple’s WWDC releases and what they mean for IT teams on the ground…
Device management is key to any corporate IT strategy, and it seems to have been a major focus in this round of OS updates.
macOS, iOS and iPadOS have seen a number of improvements in the last year, many of them relating to how the systems handle updates and upgrades on managed devices. The latest addition is Rapid Security Response, which will allow organisations to automatically deploy important security fixes to devices between normal updates without relying on end users to initiate the update
That’s not the only big change. Starting in macOS Ventura, Apple computers with Apple M-series silicon or T2 chips will require a network connection before the device can be set up. This change ensures that automatic enrolment is enforced on any devices that are registered to an organisation using Apple Business Manager or Apple School Manager. This makes it much harder for end users to avoid enrolling in MDM, and brings macOS devices in line with their iOS counterparts.
Other important updates include macOS devices responding to update commands while in a power nap, and improved reporting for devices on 12.3 or later.
A lot of Apple’s announcements this year were focused on the theme of identity. These changes are designed to enhance end users’ day-to-day experience of their device, and include changes to Managed Apple IDs, SSO, BYOD and authentication.
Platform Single Sign-On (SSO) is an exciting change that enables the existing SSO Extension to extend to the macOS login window. When a user logs in to their macOS device, the SSO Extension configured by MDM will sign them into other approved apps and services without the need for them to sign in again. Platform SSO will also sync the macOS and Identity provider passwords to match, allowing the user to sign-in to their device with the identity provider password. An important change that will be have positive impact on everyday users.
Although officially announced before WWDC, it’s worth noting that Apple has now added Google Workspace integration to Apple School Manager and Apple Business Manager. Historically, directory sync and federation were restricted to Microsoft Azure customers, so this is a welcome change that allows more education and business users to experience parity of access, streamline their identity management and enable the benefits of using Managed Apple IDs within their organisation.
Apple is big on security and privacy, and each year new enhancements, features and improvements arrive to ensure users can handle both business and personal data safely. Notable changes this year include new permissions settings, proxies and filters.
On Apple Silicon devices, USB and Thunderbolt accessories will now require user approval before they can communicate with a macOS device. This change will make users think twice before plugging in unknown accessories and will protect the device from malicious charging points. In parallel with this, MDM settings can be applied to manage this new setting to “Always Allow” USB-connected devices if required.
Apple are releasing per-app DNS Proxy and Web Content Filter on iOS and iPadOS. This feature will allow managed applications to use an organisation’s DNS or web filtering solution to filter traffic based on source application, rather than by device. This is great if you don’t want to filter the entire Apple device’s outbound network traffic, and instead want to limit and protect specific applications’ network traffic.
Finally, there have been changes to Gatekeeper. Historically, Gatekeeper has only checked for notarisation of newly-downloaded apps. From now on it will check the integrity of all apps on first launch and block them if they do not meet given criteria. This means it’s now extra important for developers or anyone creating applications to ensure their work is signed and notarised.
As with any upgrade, it’s important to ensure that your key systems are compatible with Ventura and other OSes before you upgrade, and that your infrastructure and networking solutions will be able to absorb any new devices. At Jigsaw24, we offer a macOS Upgrade Review to help organisations assess whether they can upgrade straight away.
Our engineers will carry out an assessment of your estate, looking for potential compatibility issues between the latest Apple releases and your device deployment and management, endpoint and platform security, networking, onboarding processes, end user interactions, core applications, support systems and procurement processes. We’ll then produce a comprehensive report with recommendations to help you deploy Ventura securely at scale.
Want to learn more about upgrading to macOS Ventura?
From how it will affect your organisation's apps to the extra functionality available for mobile device management, our whitepaper covers everything you need to know about macOS Ventura.
It's perfect whether you're a director, an IT manager or a curious employee interested in the latest Apple operating systems. Fill in the form below to download the whitepaper now.
Pop your details in the form to receive your copy of our macOS Ventura whitepaper
*We would like to send you information on our latest special offers as well as relevant news, articles and event invites. Click here for examples. We’ll always treat your details with respect and the information you provide will only be used to better target the communications you receive. You can read our full Privacy Notice here.
With iOS 16 out now and macOS Ventura just around the corner, we thought we’d take a look.
Sustainability is at the forefront of everyone’s mind. What are you doing to make your business more environmentally friendly?